Spyware problem


  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Open Notepad and copy the following text:


Snapshot::



Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.

  • Joined: 22 Aug 2006
  • Posts: 425
  • Location: Kranj

Here is the new log
ComboFix 08-05-01.3 - Jonki 2008-05-02 19:30:48.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.191 [GMT 2:00]
Running from: C:\Documents and Settings\Jonki\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jonki\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-04-02 to 2008-05-02 )))))))))))))))))))))))))))))))
.

2008-05-02 19:28 . 2008-05-02 19:28 <DIR> d-------- C:\WINDOWS\LastGood
2008-05-02 18:48 . 2008-05-02 18:48 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-02 18:48 . 2008-05-02 18:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-02 18:47 . 2008-05-02 18:47 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-02 18:42 . 2008-05-02 18:43 <DIR> d-------- C:\Program Files\Atomic Alarm Clock
2008-05-02 18:05 . 2008-03-01 15:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-02 18:05 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-02 18:05 . 2007-03-08 07:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-02 18:05 . 2008-03-01 15:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-02 18:05 . 2008-03-01 15:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-02 18:05 . 2008-03-01 15:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-02 18:05 . 2008-03-01 15:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-02 18:05 . 2008-03-01 15:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-02 18:05 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-05-02 17:58 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-05-02 16:40 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-05-02 16:40 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-05-02 16:40 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-05-02 16:40 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-02 16:39 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-02 16:39 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-05-02 16:32 . 2006-08-21 11:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-05-02 16:32 . 2006-08-21 11:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-05-02 16:32 . 2006-08-21 14:21 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-05-02 16:26 . 2008-05-02 16:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-02 14:05 . 2008-05-02 14:07 <DIR> d-------- C:\Program Files\CCleaner
2008-05-02 09:01 . 2008-05-02 09:01 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-05-02 03:25 . 2007-10-26 05:36 8,454,656 -----c--- C:\WINDOWS\system32\dllcache\shell32.dll
2008-05-02 03:25 . 2006-12-19 23:52 134,656 -----c--- C:\WINDOWS\system32\dllcache\shsvcs.dll
2008-05-02 03:22 . 2006-06-22 07:06 1,435,648 -----c--- C:\WINDOWS\system32\dllcache\query.dll
2008-05-02 03:22 . 2007-06-26 08:08 1,104,896 -----c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2008-05-02 03:22 . 2006-12-14 15:45 981,760 -----c--- C:\WINDOWS\system32\dllcache\mfc42u.dll
2008-05-02 03:22 . 2006-08-25 17:45 617,472 -----c--- C:\WINDOWS\system32\dllcache\comctl32.dll
2008-05-02 03:22 . 2007-07-09 15:09 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-05-02 03:22 . 2007-03-17 15:43 292,864 -----c--- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-05-02 03:22 . 2006-10-13 12:23 163,584 -----c--- C:\WINDOWS\system32\dllcache\nwrdr.sys
2008-05-02 03:22 . 2006-10-13 14:35 142,336 -----c--- C:\WINDOWS\system32\dllcache\nwprovau.dll
2008-05-02 03:22 . 2006-06-22 07:06 69,120 -----c--- C:\WINDOWS\system32\dllcache\ciodm.dll
2008-05-02 03:22 . 2006-10-13 14:35 65,536 -----c--- C:\WINDOWS\system32\dllcache\nwwks.dll
2008-05-02 03:21 . 2006-11-27 16:54 539,136 -----c--- C:\WINDOWS\system32\dllcache\msftedit.dll
2008-05-02 03:21 . 2006-11-27 16:54 433,152 -----c--- C:\WINDOWS\system32\dllcache\riched20.dll
2008-05-02 03:21 . 2006-06-22 12:47 181,248 -----c--- C:\WINDOWS\system32\dllcache\rasmans.dll
2008-05-02 03:19 . 2007-06-13 12:23 1,033,216 -----c--- C:\WINDOWS\system32\dllcache\explorer.exe
2008-05-02 03:19 . 2007-04-23 12:32 364,160 -----c--- C:\WINDOWS\system32\dllcache\update.sys
2008-05-02 03:19 . 2006-05-19 14:59 111,616 -----c--- C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
2008-05-02 03:19 . 2006-05-19 14:59 94,720 -----c--- C:\WINDOWS\system32\dllcache\iphlpapi.dll
2008-05-02 03:18 . 2007-05-16 17:12 1,314,816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
2008-05-02 03:18 . 2007-05-16 17:12 510,976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2008-05-02 03:18 . 2007-12-18 11:51 179,584 -----c--- C:\WINDOWS\system32\dllcache\mrxdav.sys
2008-05-02 03:18 . 2007-05-16 17:12 86,528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2008-05-02 03:18 . 2007-05-16 17:12 85,504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2008-05-02 03:17 . 2008-03-19 11:47 1,845,248 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-05-02 03:17 . 2007-03-08 17:36 577,536 -----c--- C:\WINDOWS\system32\dllcache\user32.dll
2008-05-02 03:17 . 2007-10-30 19:20 360,064 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-05-02 03:17 . 2007-02-05 22:17 185,344 -----c--- C:\WINDOWS\system32\dllcache\upnphost.dll
2008-05-02 03:17 . 2007-03-08 17:36 40,960 -----c--- C:\WINDOWS\system32\dllcache\mf3216.dll
2008-05-02 03:16 . 2006-06-14 10:47 172,416 -----c--- C:\WINDOWS\system32\dllcache\kmixer.sys
2008-05-02 03:16 . 2006-06-14 11:00 82,944 -----c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-05-02 03:16 . 2006-06-14 10:47 6,400 -----c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-05-02 03:12 . 2007-10-30 00:43 1,287,680 -----c--- C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-02 03:12 . 2006-10-19 15:56 713,216 -----c--- C:\WINDOWS\system32\dllcache\sxs.dll
2008-05-02 03:12 . 2006-10-12 13:09 256,512 -----c--- C:\WINDOWS\system32\dllcache\agentsvr.exe
2008-05-02 03:12 . 2007-03-09 15:46 57,344 --a--c--- C:\WINDOWS\system32\dllcache\agentdpv.dll
2008-05-02 03:12 . 2006-10-12 16:02 42,496 -----c--- C:\WINDOWS\system32\dllcache\agentdp2.dll
2008-05-02 03:12 . 2006-03-17 02:38 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2008-05-02 03:11 . 2007-08-13 18:54 765,952 --a--c--- C:\WINDOWS\system32\dllcache\VGX.dll
2008-05-02 03:11 . 2007-11-07 11:26 721,920 -----c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-05-02 03:11 . 2007-08-13 18:38 491,520 --a--c--- C:\WINDOWS\system32\dllcache\jscript.dll
2008-05-02 03:11 . 2007-08-13 18:54 413,696 --a--c--- C:\WINDOWS\system32\dllcache\vbscript.dll
2008-05-02 03:11 . 2008-02-20 08:51 282,624 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-05-02 03:10 . 2007-04-16 17:52 984,576 -----c--- C:\WINDOWS\system32\dllcache\kernel32.dll
2008-05-02 03:09 . 2007-12-04 20:38 550,912 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2008-05-02 03:08 . 2007-02-09 13:10 574,464 -----c--- C:\WINDOWS\system32\dllcache\ntfs.sys
2008-05-02 03:08 . 2007-04-25 16:21 144,896 -----c--- C:\WINDOWS\system32\dllcache\schannel.dll
2008-05-02 03:08 . 2008-02-20 07:32 45,568 -----c--- C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-05-02 03:00 . 2008-05-02 19:28 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-04-29 18:44 . 2008-05-01 23:01 96,645 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-04-29 18:44 . 2008-05-01 23:01 87,941 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-04-29 18:43 . 2008-05-02 19:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-29 18:43 . 2008-05-02 19:24 3,965,728 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-29 18:43 . 2008-05-02 19:24 86,304 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-04-29 18:43 . 2008-05-02 19:24 53,960 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-29 18:43 . 2008-05-02 19:24 9,464 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-04-29 18:36 . 2008-04-29 18:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-04-29 11:20 . 2008-04-29 11:20 15,648 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 11:19 . 2008-04-29 11:19 15,648 --a------ C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 11:19 . 2008-04-29 11:19 12,960 --a------ C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-28 21:28 . 2008-04-29 17:44 <DIR> d-------- C:\Program Files\IEAntiVirus
2008-04-28 14:51 . 2008-04-28 14:51 <DIR> d-------- C:\Program Files\dvd love
2008-04-21 15:08 . 2008-04-21 15:08 13,144 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-04-18 13:49 . 2008-04-28 14:41 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-18 13:49 . 2008-04-18 13:49 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-02 16:42 --------- d-----w C:\Documents and Settings\Jonki\Application Data\uTorrent
2008-05-02 12:05 --------- d-----w C:\Program Files\Yahoo!
2008-05-02 11:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-02 11:09 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-29 17:40 --------- d-----w C:\Program Files\CodeStuff
2008-04-29 16:43 --------- d-----w C:\Program Files\Kaspersky Lab
2008-04-28 20:09 --------- d-----w C:\Documents and Settings\Jonki\Application Data\dvd love
2008-04-28 12:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin
2008-04-20 17:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-16 17:53 --------- d-----w C:\Documents and Settings\Jonki\Application Data\Nokia Multimedia Player
2008-03-12 14:58 --------- d-----w C:\Documents and Settings\Jonki\Application Data\Nokia
2008-03-12 14:55 285,705 ----a-w C:\Program Files\Windows6.0-KB931621-x86.msu
2008-03-12 14:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-03-12 14:50 --------- d-----w C:\Program Files\Nokia
2008-03-12 14:50 --------- d-----w C:\Program Files\Common Files\Nokia
2008-03-12 14:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-03-12 14:49 --------- d-----w C:\Program Files\SimpleCenter
2008-03-12 14:49 --------- d-----w C:\Program Files\Common Files\i4j_jres
2008-03-12 14:48 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-03-12 14:47 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-03-12 14:47 --------- d-----w C:\Program Files\DIFX
2008-03-12 14:47 --------- d-----w C:\Documents and Settings\Jonki\Application Data\PC Suite
2008-03-08 20:11 --------- d-----w C:\Documents and Settings\Jonki\Application Data\Skype
2008-03-08 20:07 --------- d-----w C:\Program Files\Webteh
2008-03-08 19:08 --------- d-----w C:\Program Files\MSN Messenger
2008-03-08 17:43 --------- d-----w C:\Documents and Settings\Jonki\Application Data\Nero
2008-03-08 17:42 --------- d-----w C:\Program Files\Common Files\Nero
2008-03-08 17:40 --------- d-----w C:\Program Files\Nero
2008-03-08 17:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-03-08 17:09 --------- d-----w C:\Program Files\MSBuild
2008-03-08 17:09 --------- d-----w C:\Program Files\Microsoft Works
2008-03-08 17:07 --------- d-----w C:\Program Files\Microsoft.NET
2008-03-08 17:04 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-03-08 06:37 --------- d-----w C:\Program Files\Google
2008-03-07 23:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-07 23:24 --------- d-----w C:\Program Files\epson
2008-03-07 23:23 --------- d-----w C:\Program Files\Unlocker
2008-03-07 23:23 --------- d-----w C:\Program Files\SMSPostar
2008-03-07 23:23 --------- d-----w C:\Program Files\Real
2008-03-07 23:23 --------- d-----w C:\Program Files\Macrogaming
2008-03-07 23:20 --------- d-----w C:\Program Files\Multi_Media
2008-03-07 23:18 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-03-07 23:14 --------- d-s---w C:\Documents and Settings\All Users\Application Data\Memeo
2008-03-07 23:13 --------- d-----w C:\Program Files\IAS_3_0
2008-03-07 23:11 --------- d-----w C:\Program Files\DivX
2008-03-07 23:10 --------- d-----w C:\Program Files\Yahoo! Games
2008-03-07 23:07 --------- d-----w C:\Program Files\AcmeChat_pp2
2008-03-07 21:44 --------- d-----w C:\Program Files\Picasa2
2008-03-07 21:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-03-06 16:56 --------- d-----w C:\Program Files\eMule
2008-03-03 19:03 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-03 15:53 --------- d-----w C:\Program Files\Western Digital
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2007-09-21 16:22 22,384 ----a-w C:\Documents and Settings\Jonki\Application Data\GDIPFONTCACHEV1.DAT
2006-11-04 13:03 18,196,247 ----a-w C:\Documents and Settings\Jonki\75 MsStyles.exe
2006-04-13 16:25 620,544 ----a-w C:\Program Files\vplayer.exe
2006-04-09 13:11 12,754,672 ----a-w C:\Program Files\media player.exe
2005-08-15 09:37 37 ----a-w C:\Documents and Settings\Jonki\getfile.dat
2007-12-31 08:16 10,022 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-05-02 18:43 1707008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 11:51 218376]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-03-30 04:48 5898240]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:56 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.xvid"= xvid.dll
"vidc.asv2"= asusasv2.dll
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"D:\\Programs\\utorrent\\utorrent.exe"=
"C:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"D:\\Program Files\\eMule\\eMule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 01:56]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 13:58]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-05-01 13:56]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-05-01 13:57]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-05-01 13:57]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-05-01 13:58]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-05-01 13:59]
S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-05-02 15:15:01 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 19:35:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-02 19:37:06
ComboFix-quarantined-files.txt 2008-05-02 17:36:46
ComboFix2.txt 2008-05-02 16:31:41
ComboFix3.txt 2008-05-02 11:00:37
ComboFix4.txt 2008-04-29 22:14:48
ComboFix5.txt 2008-04-29 17:28:59

Pre-Run: 9,353,875,456 bytes free
Post-Run: 9,428,140,032 bytes free

246 --- E O F --- 2008-05-02 16:21:02

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Open Notepad and copy the following text:


Folder::
C:\Program Files\IEAntiVirus
C:\Program Files\dvd love
C:\Documents and Settings\Jonki\Application Data\dvd love
C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.

Addendum: 08 May 2008 23:02

Makedonac, are we continuing, or should I lock the thread?

Addendum: 10 May 2008 13:15

I am locking this thread and moving it to the clinic archive. If you want to continue with the case, send me a PM.

/lock
